📲
Android Reversing with Frida for Examiners
Authors:M. WilliamsonC. Atha
  • Android Reversing for Examiners
  • Setting Up
    • Prerequisites
    • Our Target: Private Photo Vault
  • Lab
    • [1] Lab setup and initial app exploration
      • [1.1] Upload frida-server to the emulator or device and run using nohup
      • [1.2] Review files in the app data directory
    • [2] Perform static analysis to locate some functions of interest
    • [3] Deploy method hooks using frida REPL
    • [4a] Moar Static Analysis
    • [4b] Cast a wide net with DBI
    • [4c] PIN bruteforce
      • [4c.1] PIN bruteforce (in depth)
  • Bonus Labs
  • Ready for more?
  • Frida-tools Reference
    • Installation & Common Flags
    • frida
    • frida-ps
    • frida-trace
  • Other Processes Reference
    • Extracting an APK specimen from the device
    • Troubleshooting frida connectivity
  • What's Next
    • Recommended Toolkits and Scripts
    • Additional Resources / Questions
  • Contact Us
Powered by GitBook
On this page
  • Updates from June 9th Q&A
  • Frida Telegram Group
  • Android
  • iOS

Was this helpful?

  1. What's Next

Additional Resources / Questions

PreviousRecommended Toolkits and ScriptsNextContact Us

Last updated 4 years ago

Was this helpful?

Learning Frida is all about finding stuff online!

We could not possibly cover all there is to know in the span of 90 minutes. Instead, our goal is to empower you and provide concrete examples of situations where as a forensic examiner, you might consider RE to help explain or validate some tricky data.

We recommend following on Twitter as you will be more likely to see when new versions are released.

The release notes often provide working examples you may be able to use in your own reverse engineering.

It might seem obvious, but it's worth reiterating -- one of the best resources out there is the Frida website itself. For instance, check out this page on the or this page with a bunch of .

Updates from June 9th Q&A

On June 9th, we hosted a followup Q&A and discussed a number of other interesting resources which are listed below.

  • Azeria labs

  • OWASP Mobile Security Testing Guide

  • CrackMes RE test apps

  • Flare-VM

  • Daily CTF Challenge from NW3C

  • iOS RE Repo

  • Exploit Writing Tutorial

Frida Telegram Group

Another great way to get in touch with a room full of reverse engineering folks is to .

Android

iOS

This lab is all about Android, but in the event you wanted to try your hand at frida on iOS, you can do that! Checkm8/checkra1n has really made this a lot more accessible than it used to be.

There are definitely nuances that make it distinct than Android. Generally speaking, static analysis can also be more tricky!

Maddie Stone has an which focuses on reversing potentially malicious applications.

One great way to get started is with Ivan Rodriguez's available for those interested in pursuing iOS RE.

@fridadotre
JavaScript API
Android examples
https://azeria-labs.com
https://owasp.org/www-project-mobile-security-testing-guide
https://crackmes.one
https://github.com/fireeye/flare-vm
https://nw3.ctfd.io
https://github.com/iosre
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows
join the Frida telegram group
Android application reverse engineering course
free course